Cybercrime: Police Bust Sophisticated Microsoft 365 Phishing Ring
In a reminder that cybercrime now knows no borders, Nigerian investigators have dismantled a sophisticated phishing operation that targeted Microsoft 365 users across corporate, financial and educational institutions worldwide
The Nigeria Police Force National Cybercrime Centre (NPF-NCCC), the Force Public Relations Officer, CSP Benjamin Hundeyin announced the arrest of three suspects linked to coordinated cyberattacks that relied on fake Microsoft login pages to steal sensitive credentials.
He said the operation followed credible intelligence from Microsoft Corporation in the United States, relayed through the FBI, exposing the use of a phishing toolkit known as RaccoonO365.
Acting on the intelligence, the NPF-NCCC, working closely with Microsoft, the FBI and the United States Secret Service, traced multiple cases of unauthorised access to Microsoft 365 accounts between January and September 2025.
The attacks resulted in business email compromise, data breaches and financial losses across several jurisdictions
Operatives were deployed to Lagos and Edo states, where three suspects were arrested and digital devices recovered. Forensic analysis linked the equipment to the cyber fraud scheme.
Investigators identified Okitipi Samuel, also known as “RaccoonO365” and “Moses Felix”, as the principal suspect and alleged developer of the phishing infrastructure, which was reportedly marketed via Telegram and paid for with cryptocurrency.
Police, however, noted that the two other suspects arrested were not linked to the creation or management of the phishing network.
The Nigeria Police Force reiterated its commitment to protecting the country’s digital space through advanced technology, international collaboration and rigorous investigation, as cybercriminal tactics continue to evolve
Follow the Savinews Africa channel on WhatsApp: https://whatsapp.com/channel/0029VawgaEL5vKA9Y5XTFg0n
